#!/bin/sh
user_name=$1
code=$2
#echo "/bin/rm -f /usr/local/private/${user_name}.key.pem"
/bin/rm -f /usr/local/private/${user_name}.key.pem 
/bin/rm -f /usr/local/private/${user_name}.csr
/bin/rm -f /usr/local/certificates/${user_name}.cer
/bin/rm -f /usr/local/certificates/${user_name}.p12
/usr/local/ssl/bin/openssl genrsa -aes256 -passout pass:$code -out /usr/local/private/${user_name}.key.pem 2048
/usr/local/ssl/bin/openssl req -passin pass:$code -new -key /usr/local/private/${user_name}.key.pem -out /usr/local/private/${user_name}.csr -subj "/C=CN/ST=SZ/L=SZ/O=cc1990/OU=cc1990/CN=$user_name"

/usr/local/ssl/bin/openssl x509 -req -days 3650 -sha1 -extensions v3_req -CA /usr/local/certificates/ca.cer -CAkey /usr/local/private/ca.key.pem -CAserial /usr/local/ca.srl -CAcreateserial -in /usr/local/private/${user_name}.csr -out /usr/local/certificates/${user_name}.cer -passin pass:cc1990.com &> /tmp/debug.log

/usr/local/ssl/bin/openssl pkcs12 -export -clcerts -inkey /usr/local/private/${user_name}.key.pem -in /usr/local/certificates/${user_name}.cer -out /usr/local/certificates/${user_name}.p12 -passin pass:$code -passout pass:$code 
